Skip to content

Installation & setup

This walks you end to end: from dropping the jar in to a player (and an admin) fully linked with their rank showing on the website.

  • The Phalanx API is deployed and reachable (e.g. https://api.yourserver.gg).
  • AuthMe is running on a MySQL backend, and the API’s AUTHME_DB_* variables point at it (read-only user).
  • You have generated the shared key: openssl rand -base64 32.

  1. Download DzusillCore and drop it in plugins/. dWebLink will not load without it.
  2. Download dWebLink and drop it in plugins/.
  3. (Optional) Make sure LuckPerms is installed if you want rank sync.
  4. Start the server once so dWebLink generates plugins/dWebLink/config.yml, then stop it.

Open plugins/dWebLink/config.yml:

# Base URL of the website API (no trailing slash, no /api/v1).
api-base-url: "https://api.yourserver.gg"
# Shared secret. MUST equal MC_PLUGIN_API_KEY on the API. Keep it private.
api-key: "PASTE-THE-GENERATED-KEY-HERE"
# Which website tenant this server maps to (sent as the X-Tenant-Slug header).
tenant-slug: "default"
# Seconds a player must wait between /webtoken requests.
cooldown-seconds: 30
# Push each player's LuckPerms rank to the website so it shows as their author identity.
profile-sync:
enabled: true
join-delay-ticks: 40 # wait ~2s after join so LuckPerms has loaded the user
min-interval-seconds: 300 # throttle: at most one automatic push per player per 5 min
  • api-base-url β€” just the host, no path. The plugin adds /api/v1/... itself.
  • tenant-slug β€” leave default for a single server; change it only if you run multiple sites off one API.

On the API host, the environment variable MC_PLUGIN_API_KEY must equal the plugin’s api-key. If they differ, every call is rejected with 401 and /webtoken reports an error.

Terminal window
# on the API (e.g. Railway / your server env)
MC_PLUGIN_API_KEY=PASTE-THE-SAME-KEY-HERE

Redeploy / restart the API after setting it.


  1. Start the Minecraft server. The console banner shows dWebLink enabling after DzusillCore.

  2. Join the server and run:

    /webtoken

    You should get a one-time code and an expiry (default 5 minutes). If instead you see β€œnot configured” or an error, jump to the FAQ.


A player links once. After that they log in with just their Minecraft username + password.

  1. In game: run /webtoken to get a code.
  2. On the website (yourserver.gg): open the login page, enter the Minecraft username + AuthMe password, and when prompted enter the /webtoken code. This creates their verified website account.
  3. Link Discord (optional but needed for admins): on their profile, click Link Discord, then send the shown code to the Discord bot. The bot confirms and grants the verified role.

See How linking works for what happens under the hood.


The website admin panel requires a verified Minecraft link β€” an admin cannot sign in until they have one (their Minecraft identity becomes their public author byline). So each staff member must complete step 5 (including Link Discord, since the panel login is Discord OAuth).

:warning: If you are enabling the admin gate on an existing site, make sure every admin links before you deploy the gate, or they will be locked out. The API ships a check script for this β€” see the Phalanx deployment guide (admin:link-check).


  1. Give a player a LuckPerms rank with a prefix.
  2. Have them rejoin (or run /webtoken).
  3. Their group + prefix now appears next to their name on the website β€” as the author byline on content they publish, and in the admin sidebar for staff.

If ranks do not appear, confirm LuckPerms is installed and profile-sync.enabled: true, then see Rank & author sync.


You now have: a shared key on both sides, players able to link with /webtoken, admins gated behind a verified link, and LuckPerms ranks flowing to the site. Reference: config.yml Β· Commands & Permissions.